A week after cybersecurity legislation stalled in the Senate, a senior Obama administration official said on Wednesday that the White House is weighing an executive order to help bolster the nation’s critical infrastructure from cyberattacks.

Following a speech at the Council on Foreign Relations, John Brennan, the White House homeland security and counterterrorism adviser, said the president has urged officials to continue to look for ways to use existing authority to bolster the nation’s cyberdefenses. His comments came a week after the Senate blocked cybersecurity legislation aimed at enhancing protection of the nation’s critical infrastructure from cyberattack.

“If the Congress is not going to act on something like this, then the president wants to make sure we’re doing everything possible,” Brennan said. “President Obama has told us after the Collins-Lieberman bill didn’t go forward to keep at it and keep pushing, and we are going to keep pushing on the Congress, but also we’re going to do what we can under executive-branch authorities.”

He did not say what actions the White House is considering, but former Homeland Security Department official Stewart Baker, a partner at Steptoe and Johnson, said that some of what was included in the Senate bill aimed at protecting the nation’s power grid, transportation systems, and other critical infrastructure could be addressed using existing authority.

“By the time the Senate was done giving things away to the [U.S. Chamber of Commerce] and the privacy lobbies, [the bill wasn’t] doing too much more than we could do with existing authority,” Baker said in an interview on Wednesday.

At least one lawmaker has called on the White House to act on its own given the inability of Congress so far to pass cybersecurity legislation. Rep. Edward Markey, D-Mass., wrote Obama on Wednesday calling on him to issue an executive order that would ensure utilities take necessary steps to protect the nation’s power grid from cyberattack.

“We should not wait for a crippling terrorist attack on our grid before we act,” Markey wrote. “If congressional Republicans insist on fully entrusting the safety of our grid to a utility industry that is ill-equipped to adequately and uniformly respond to threats and vulnerabilities that are of paramount importance to national security, then you can and must take action to mitigate these threats and vulnerabilities to the extent possible by executive order.”

The nation’s power grid is already under strain from the heat wave gripping most of the country but utilities and other critical infrastructure also are a prime target of hackers, Markey and Brennan both noted.

“The critical infrastructure of this country is under threat,” Brennan said. “We have to improve our defenses on this issue.”

FROM OUR SPONSORS

sponsored

JOIN THE DISCUSSION

By using this service you agree not to post material that is obscene, harassing, defamatory, or
otherwise objectionable. Although Nextgov does not monitor comments posted to this site (and has
no obligation to), it reserves the right to delete, edit, or move any material that it deems to
be in violation of this rule.

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

Data-Centric Security vs. Database-Level Security

Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.